Author Topic: malicious url blocked  (Read 24707 times)

0 Members and 1 Guest are viewing this topic.

com155

  • Guest
Re: malicious url blocked
« Reply #15 on: July 07, 2011, 10:04:40 AM »
ok,may be essexboy may arrive late u should try this as an alternative option:

1.download dr.web from here:
www.freedrweb.com/?lng=en

2.do a full scan and i am sure it will find it and u should choose to cure it.

3.once done post logs on next comment and tell me whether this worked or not.



if not we have to wait for essexboy to arrive.
« Last Edit: July 07, 2011, 10:09:37 AM by com155 »

nabby68

  • Guest
Re: malicious url blocked
« Reply #16 on: July 07, 2011, 10:08:29 AM »
Hi
Can you paste a link to dr.web please as i am unable to paste it in my address bar as the virus re-directs me
thanks

com155

  • Guest
Re: malicious url blocked
« Reply #17 on: July 07, 2011, 10:10:23 AM »
now i have made it a link try it:

www.freedrweb.com/?lng=en

Offline essexboy

  • Malware removal instructor
  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: malicious url blocked
« Reply #18 on: July 07, 2011, 06:56:57 PM »
Quote
this is a adware.

 C:\Windows\system64\drivers\volsnap.sys
No this is a legitimate windows file

Nothing is readilly apparent with OTS so I will need to dig a bit deeper


Start OTS. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.

Code: [Select]

[Unregister Dlls]
[Registry - Safe List]
< Internet Explorer Settings [HKEY_CURRENT_USER\] > ->
YN -> HKEY_CURRENT_USER\: URLSearchHooks\\"{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> HKEY_CURRENT_USER\: URLSearchHooks\\"{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< BHO's [HKEY_LOCAL_MACHINE] > -> HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
YN -> {02478D38-C3F9-4efb-9B51-7695ECA05670} [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
< Internet Explorer ToolBars [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\
YN -> WebBrowser\\"{30F9B915-B755-4826-820B-08FBA6BD249D}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
YN -> WebBrowser\\"{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" [HKLM] -> Reg Error: Key error. [Reg Error: Key error.]
[Empty Temp Folders]
[EmptyFlash]
[CreateRestorePoint]
 

The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix.  Post that information back here

I will review the information when it comes back in.

Depending on what the fix contains, this process may take some time and your desktop icons might disappear or other uncommon behavior may occur.

This is no sign of malfunction, do not panic!

THEN

Download ComboFix from one of these locations:


Link 1
Link 2


* IMPORTANT !!! Save ComboFix.exe to your Desktop


  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
  • Double click on ComboFix.exe & follow the prompts.
When finished, it shall produce a log for you.  Please include the C:\ComboFix.txt in your next reply.

nabby68

  • Guest
Re: malicious url blocked
« Reply #19 on: July 07, 2011, 09:03:54 PM »
Hi Essexboy
Ran OTS and have attached the log file also ran ComboFix and after it running it did not produce a log file???

nabby68

  • Guest
Re: malicious url blocked
« Reply #20 on: July 07, 2011, 09:36:15 PM »
URGENT!!!
Decided to do a restart after combofix had ran and now i think my laptop is screwed as i cant get past the Start up repair screen . Apparently the only options i have is to do a reset back to factory default settings which will wipe everything1
Essexboy please help!
p.s currently on my daughters desktop pc!

nabby68

  • Guest
Re: malicious url blocked
« Reply #21 on: July 07, 2011, 11:11:19 PM »
any help anyone??? please :'(

Offline essexboy

  • Malware removal instructor
  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: malicious url blocked
« Reply #22 on: July 07, 2011, 11:32:23 PM »
What was the stage where combofix failed - can you select last known good from the safe mode menu please

nabby68

  • Guest
Re: malicious url blocked
« Reply #23 on: July 07, 2011, 11:42:24 PM »
cant get into safe mode tried to fix boot sector but now thats caused further problems, maybe time for a fresh install unless you have any other ideas? :'(

nabby68

  • Guest
Re: malicious url blocked
« Reply #24 on: July 08, 2011, 12:05:14 AM »
cmbofix ran ok but didnt produce a log file so i navigated to the combofix directory to try and find the .txt file and thats when the laptop started to play up so i did a restart and thats when the problems occured. Now i have the Windows Boot Manager screen asking me to insert my installation disc which i dont have because it didnt come with one when i bought it! :'(

nabby68

  • Guest
Re: malicious url blocked
« Reply #25 on: July 08, 2011, 09:56:03 AM »
I have now managed to get a windows 7 disc but it seems the only option I have is do a clean install. Any help would be appreciated.

com155

  • Guest
Re: malicious url blocked
« Reply #26 on: July 08, 2011, 10:03:23 AM »
could u try booting in safe mode with networking and do full scan with dr.web as i had mentioned in my above comments.

nabby68

  • Guest
Re: malicious url blocked
« Reply #27 on: July 08, 2011, 10:35:37 AM »
Unable to boot up in safe mode. I think my boot sector is damaged.

com155

  • Guest
Re: malicious url blocked
« Reply #28 on: July 08, 2011, 10:36:50 AM »
so can u boot in normal mode and do wht i said
« Last Edit: July 08, 2011, 10:39:19 AM by com155 »

nabby68

  • Guest
Re: malicious url blocked
« Reply #29 on: July 08, 2011, 11:36:40 AM »
No. Can't boot up at all because I think my boot sector is damaged